[Hyperledger Project TSC] Fwd: TSC Voting Discussion Today

Vipin Bharathan

Forwarding to list

Begin forwarded message:

From: vipin bharathan <vipinsun@...>
Date: July 13, 2017 at 2:03:02 PM EDT
To: Hart Montgomery <hmontgomery@...>
Subject: Re: [Hyperledger Project TSC] TSC Voting Discussion Today


In my understanding however, the debate today was about who can vote rather than who can stand for election. Given that only eligible voters can stand, it naturally follows that it is also about who can stand.

Expanding the voting pool to legitimate contributors was my first priority.  Thanks for pointing out the Sybil possibilities. This had crossed my mind as well and could happen if the bar is too low. But this is a secondary concern at this point. We may need to put some barriers up to prevent that.


On Jul 13, 2017 1:47 PM, "Hart Montgomery via hyperledger-tsc" <hyperledger-tsc@...> wrote:

Hi Everyone,


In light of the discussion on the TSC election procedure today, I had a few comments.


The discussion centered around who was eligible to run for the TSC.  While this is important, I also thought it was worthwhile to think about who could vote.  This wasn’t really a point of emphasis during the meeting.


Chris brought up the point that anyone who really cared about participating could put in the fairly minimal time of creating an account and checking in some comment (or spell-checking some comment, which was I believe the exact reference) and then could be included in the contributor list.  My next thought was: why stop at 1 account?  Or 10?  Or 100? 


To me, this is a bit worrisome.  Our only duplicate checking consists of Tracy and Todd kindly asking people to remove duplicate emails.  For people whose alternate emails are not obviously related to their main emails, why not just vote twice?  It seems like, to put it in the terms of our field, our leadership election protocol is vulnerable to a Sybil attack!


While I don’t believe that this is probably a super-serious issue at this point in time (although I would be willing to bet that at least one person will vote at least more than once in the upcoming election if we stick with the current rules for contributors), this is probably something we should address at some point.  In theory, a couple of malicious maintainers (of any project) could completely hijack the TSC election by creating a bunch of scripted, dummy accounts that make inconsequential changes to files that don’t matter.  Given that the current count of contributors is only 300, someone could do this entirely by hand, probably get away with it, and have a substantial impact on the election (are you 100% sure that no one person controls, say, 30+ contributor email accounts?).  In the worst case, if something like r/btc picks up on this, we could be looking at “Mountain Dew” or something of that ilk on the TSC…


To be fair, Mountain Dew has probably contributed far more to the advancement of computer science than I ever will.  But, in all seriousness, I think we should have a discussion on what it means to be a “contributor” and I’m not convinced an automated solution is the answer, even for code contributions directly to projects.


Sorry for the long wall of text.  If you’ve made it this far, thanks for reading, and have a great day.




hyperledger-tsc mailing list

Join toc@lists.hyperledger.org to automatically receive all group messages.